US security chief: cyber-threats 'on par' with 9/11

Michael Chertoff, the Homeland Security Secretary, said that computer-based attacks had the ability to cripple financial institutions and government networks.

"We take threats to the cyber world as seriously as we take threats to the material world," Mr Chertoff told a gathering of security industry experts in San Francisco.

His remarks came as a report by the British Chambers of Commerce found that 23 per cent of UK businesses had suffered from an attack by malicious software in the past year - more than twice the number that had been the victim of credit card fraud.

Mr Chertoff said that the US Government planned to shift its approach to fighting computer-based crime from what he called "a fundamentally backward-looking architecture" - analysing attacks as they happened and tracing back to their source - to "an early-warning system".

He declined to elaborate on how officials would monitor and flag up threats before they materialised - saying the details were classified, but admitted that the new approach presented significant technical challenges.

''It's going to be hard - it's hard technically," Mr Chertoff told delegates at the RSA Conference. ''(But) the fact that something's hard doesn't mean, 'Let's not do it because it's going to be difficult.' It means, 'Let's roll up our sleeves and get started.'''

Mr Chertoff said that there were too many openings in government networks through which cyber-criminals were able to inject malicious software, and that one of the first goals of the new system would be to reduce the number of access points from thousands to about 50.

Separately, the British Chambers of Commerce report found that in the past year, 31 per cent of UK businesses had been the victim of phishing attacks, in which criminals circulate e-mails purporting to be from a company in an attempt to get customers to hand over personal details, and that 19 per cent had experienced equipment failure or data loss as a result of a computer-based attack.

The report did not reveal what fraction of the £12.6 billion lost by British businesses last year as a result of crime was attributable to computer-based attacks, but the authors said that cyber-crime was a "growing problem" which police were "ill-equipped" to deal with.

"We're particularly noticing computer-based threats being a problem with companies that have introduced flexible working practices which allow employees to work from home, when networks can be more susceptible to attack," Gareth Elliott, a policy advisor at the British Chambers of Commerce, said.

In December, the Director-General of MI5 sent a letter to the chief executives of 300 UK banks, accountants and legal firms warning them that their computer systems were under attack from "Chinese state organisations" which were using the internet to conduct "cyber-espionage".

The UK security industry also recently criticised the Government for having a 'half-baked' approach to cyber-crime, and not doing enough to confront the "shockingly low" awareness of the problem among both businesses and individuals.